Network services are somewhat new to enterprise WANs, as hardware-based network appliances, and their configurations are traditionally what made the WAN perform. These devices include routers, switches, firewalls, WAN optimizers, load balancers, proxy servers and other single-function devices positioned throughout the enterprise WAN. For decades, enterprises grew accustomed to the plethora of hardware appliances, and their accompanying maintenance and support overhead.

Software-defined networking, and more specifically SD-WAN, has changed the game of better connections for multiple networks by enabling new service chaining capabilities. A service chain virtually connects security and network services, like firewalls, intrusion prevention services (IPS), network address translation (NAT), etc. This allows multiple, virtual services to be utilized within a single network connection, and delivered among multiple, diverse connections.

Dynamic WAN Resource Utilization

Traditional networks often backhaul Internet traffic through headquarters or a corporate data center, where security infrastructure resides, like firewalls, IDS/IPS and proxy servers. But this circuitous route is always a rigid proposition. Of course, a better option for accommodating cloud connectivity and mobile users, would be the direct path over the Internet. While this is not easily accomplished with traditional networks, multiple network connections is remarkably simple with SD-WAN, by controlling the network edge as a service, and defining policies that match network service chains with applications. The ability for SD-WAN to granularly manage diverse traffic types over any type of transport, redefines network resource utilization.

Eliminate Device Bloat with Virtual Network Services

Service chains can be connected across a network through network function virtualization (NFV), where new services are instantiated as software, running on commodity hardware, such as in a universal CPE. Additionally, because virtual network functions (VNFs) use virtualized transports, the connections can be set up and torn down on-demand through the SD-WAN orchestrator. Service chains can be deployed at the network edge, or leverage third-party, cloud-based services, to lower costs, improve performance and security, and scale on-demand.

All this is not to say cloud-based network and security services cannot be accomplished with traditional networks. In fact, it can be done. But it’s very complex, with high costs, and long turn-arounds. It requires configuring tunnels at each site, applying rigorous failure processes and thorough testing. Let’s just say, it’s not for the faint of heart, and many enterprises simply choose to face the performance hit of backhauling traffic through their corporate data center, before sending traffic to the cloud.

A secure SD-WAN overlay is transport-independent, and can work across multiple public or private network connections. It uses policies that are centrally managed, to determine which traffic should be directed to a service, based on network performance and reliability criteria. If a particular circuit has a problem, or has failed, the SD-WAN automatically handles it.

Because today’s next generation SD-WANs are cloud-based, and use virtualized technology, they eliminate the need for single-function hardware appliances, as these services are now virtualized within the uCPE. The era of the rigidity and high-cost of single-function hardware appliances is coming to an end, as more enterprises embrace the comprehensive simplicity of virtual service chaining with SD-WAN.

Want a better network connection with SD-WAN? Contact us today to receive a free quote.